Google recently patched an urgent zero-day vulnerability in Chrome for Windows. The update will be deployed to all users in coming weeks.
According to the tech giant, the vulnerability (CVE-2022-2294) is fixed in Chrome version 103.0.5060.114 for Windows. Google said the Chrome update will be deployed across the entire userbase in coming weeks.
The tech giant refuses to detail the vulnerability and possible exploits. The fix has yet to arrive to all users. Disclosing the vulnerability at this time could put them at risk. Furthermore, the vulnerability may impact third-party libraries. Third-party developers are given time to apply a patch.
Experts from security specialist Avast speculate that the vulnerability involves a heap-based buffer overflow in Google Chrome’s Web RTC component. According to Avast, the vulnerability can cause program crashes and remote code execution.